Mass storage devices may include memory having a secure partition. Encrypted data, generated by an encryption method, may be stored in the secure partition. Generally, data may be received from a host computer, encrypted by an encryption engine on the mass storage device, and stored as encrypted data in the secure partition. Encrypted data may be retrieved by the controller on the mass storage device, decrypted by the encryption engine, and sent as unencrypted data to the host computer. In this manner, unencrypted data is sent on an interface between a host processor and a controller on the mass storage device, while encrypted data is sent on an interface between the mass storage device controller and the secure partition. Accordingly, no encrypted data is generally present on the interface between the mass storage device and the host computer which may be, for example, a USB interface. Ensuring that encrypted data is not present on the interface between the host computer and the mass storage device may help protect the encryption methodology and any keys used during the encryption method because the encrypted data may not be easily intercepted.
A size of the secure partition as well as other partitions such as public partitions and read only partitions are stored on the mass storage device. The mass storage device may communicate the size of these partitions in response to query from the host computer. Sometimes, these partitions may be resized to take up a larger or smaller portion of the memory on the mass storage device. Updated sizes of the partitions will replace the values already in the mass storage device. Resized partitions will typically require reformat by the host computer in accordance with the updated partition size.